<?php
/**
 * Created by PhpStorm.
 * User: dehong
 * Date: 2016/10/8
 * Time: 21:12
 */
session_start();
// Define a constant that the files under includes/ use as a guard against being loaded directly.
define('IN_TG',true);
// Identifies which page this script is.
define('SCRIPT','manage_job');
// Load the shared bootstrap file.
require dirname(__FILE__).'/includes/common.inc.php'; // Resolved to an absolute path; the original author notes this is faster.
// Only administrators may use this page.
// NOTE(review): every handler below relies on this call to stop non-admin requests;
// presumably it redirects or exits on failure - confirm in common.inc.php.
_manage_login();
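// Add administrator: promote the user named in the POSTed "manage" field to tg_level=1.
// NOTE(review): no anti-CSRF token is checked in this handler. The _uniqid() comparison below
// only compares values the browser sends automatically (cookies), so it cannot tell a
// cross-site form post from a genuine one. Consider a per-session token on the form and
// confirm what _manage_login() already enforces.
if(isset($_GET['action']) && $_GET['action'] === 'add'){
    // Cookie values are client-controlled. Accept only a plain string so that an array-valued
    // cookie cannot reach the query, and treat a missing cookie as "no such user".
    $_cookie_user = (isset($_COOKIE['username']) && is_string($_COOKIE['username'])) ? $_COOKIE['username'] : '';
    $_cookie_uniqid = isset($_COOKIE['uniqid']) ? $_COOKIE['uniqid'] : null;
    // Look the caller up with a bound parameter. The original interpolated the cookie directly
    // into the SQL text, which let the cookie value alter the statement.
    // Assumes $GLOBALS['dbh'] is the PDO handle already used for the UPDATE below.
    $_auth = $GLOBALS['dbh']->prepare("SELECT tg_uniqid FROM tg_user WHERE tg_username=:username LIMIT 1");
    $_auth->execute(array(':username' => $_cookie_user)) or die('执行错误！');
    $_rows = $_auth->fetch(PDO::FETCH_ASSOC);
    if(!!$_rows) {
        // To resist cookie forgery, also compare the stored unique identifier with the cookie's.
        _uniqid($_rows['tg_uniqid'], $_cookie_uniqid);
        $_clean = array();
        $_clean['username'] = (isset($_POST['manage']) && is_string($_POST['manage'])) ? $_POST['manage'] : '';
        // NOTE(review): the value is bound as a parameter below, so if _mysql_string() escapes
        // quotes the stored name may no longer match - confirm what the helper does.
        $_clean = _mysql_string($_clean);
        // Promote the target user.
        $_sql = "UPDATE tg_user SET tg_level=1 WHERE tg_username=:username";
        $stmt = $GLOBALS['dbh']->prepare($_sql); // prepare the statement
        $data = array(
            ':username' => $_clean['username']
        );
        $stmt->execute($data) or die('执行错误！'); // execute with the bound parameters
        // Exactly one changed row means the promotion took effect.
        if ($stmt->rowCount() == 1) {
            $GLOBALS['dbh'] = null;
            _location('恭喜你，管理员添加成功！', SCRIPT . '.php');
        } else {
            $GLOBALS['dbh'] = null;
            _alert_back('管理员添加失败！原因：不存在此用户或者为空');
        }
    } else {
        _alert_back('非法登录！');
    }
}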
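// Resign: the logged-in administrator demotes their own account to tg_level=0.
// NOTE(review): this state change is triggered by a plain GET link and no anti-CSRF token is
// checked here. The _uniqid() comparison only involves cookies, which the browser attaches
// automatically. Consider moving the action to POST with a per-session token.
if(isset($_GET['action']) && $_GET['action'] === 'job' && isset($_GET['id'])){
    // Cookie and query-string values are client-controlled. Accept only plain strings so that
    // array-valued input never reaches the statements below.
    $_cookie_user = (isset($_COOKIE['username']) && is_string($_COOKIE['username'])) ? $_COOKIE['username'] : '';
    $_cookie_uniqid = isset($_COOKIE['uniqid']) ? $_COOKIE['uniqid'] : null;
    $_target_id = is_string($_GET['id']) ? $_GET['id'] : '';
    // Look the caller up with a bound parameter. The original interpolated the cookie directly
    // into the SQL text, which let the cookie value alter the statement.
    // Assumes $GLOBALS['dbh'] is the PDO handle already used for the UPDATE below.
    $_auth = $GLOBALS['dbh']->prepare("SELECT tg_uniqid FROM tg_user WHERE tg_username=:username LIMIT 1");
    $_auth->execute(array(':username' => $_cookie_user)) or die('执行错误！');
    $_rows = $_auth->fetch(PDO::FETCH_ASSOC);
    if(!!$_rows) {
        // To resist cookie forgery, also compare the stored unique identifier with the cookie's.
        _uniqid($_rows['tg_uniqid'], $_cookie_uniqid);
        // Demote: both the username and the row id must match, so only the caller's own row changes.
        $_sql = "UPDATE tg_user SET tg_level=0 WHERE tg_username=:username AND tg_id=:id";
        $stmt = $GLOBALS['dbh']->prepare($_sql); // prepare the statement
        $data = array(
            ':username' => $_cookie_user,
            ':id' => $_target_id
        );
        $stmt->execute($data) or die('执行错误！'); // execute with the bound parameters
        // Exactly one changed row means the demotion took effect.
        if ($stmt->rowCount() == 1) {
            $GLOBALS['dbh'] = null;
            // Drop the server-side session now that the account is no longer an administrator.
            session_destroy();
            _location('辞职成功！','index.php');
        } else {
            $GLOBALS['dbh'] = null;
            _alert_back('辞职失败！');
        }
    } else {
        _alert_back('非法登录！');
    }
}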
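// Paging values; presumably populated by _page() below - confirm in common.inc.php.
global $_pagesize,$_pagenum;
// Page over the same rows that are listed (tg_level=1). The original passed an unfiltered
// user query here while the listing below shows administrators only, so the two disagreed
// (presumably _page() derives the page count from this query - confirm).
_page("SELECT tg_id FROM tg_user WHERE tg_level=1",15);
// Fetch the current page of administrators, newest registration first.
// The paging values are forced to non-negative integers before they enter the SQL text, so
// the LIMIT clause stays well-formed whatever _page() derived them from.
$_sql = "SELECT  tg_id,
                            tg_username,
                            tg_email,
                            tg_reg_time FROM tg_user WHERE tg_level=1 ORDER BY tg_reg_time DESC LIMIT ".max(0,(int)$_pagenum).",".max(0,(int)$_pagesize);
$result = _fetch_array_list($_sql);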
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <?php require ROOT_PATH.'includes/title.inc.php'; ?>
    <script type="text/javascript" src="js/member_message.js"></script>
</head>
<body>
<?php require ROOT_PATH."includes/header.inc.php"; ?>

<div id="member">
    <?php require ROOT_PATH."includes/manage.inc.php";?>
    <div id="member_main">
        <h2>会员列表中心</h2>
        <table cellspacing="1">
            <tr><th>ID号</th><th>会员名</th><th>邮件</th><th>注册时间</th><th>操作</th></tr>
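            <?php
                // Render one table row per administrator returned by the listing query.
                // The cookie is client-controlled and is used here only to decide which row shows
                // the "resign" link; the handler re-checks the caller before changing anything.
                $_current_user = (isset($_COOKIE['username']) && is_string($_COOKIE['username'])) ? $_COOKIE['username'] : '';
                foreach($result as $_rows){
                    // Build a fresh array each time, so the previous row's job_html markup is not
                    // fed back through _html() on the next iteration.
                    $_html = _html(array(
                        'id' => $_rows['tg_id'],
                        'username' => $_rows['tg_username'],
                        'email' => $_rows['tg_email'],
                        'reg_time' => $_rows['tg_reg_time']
                    ));
                    // Compare against the raw database value with a strict comparison. The original
                    // compared the cookie with the _html()-processed name using ==, which could
                    // treat distinct numeric-looking names as equal.
                    if($_current_user !== '' && $_current_user === (string)$_rows['tg_username']){
                        $_html['job_html'] = '<a href="manage_job.php?action=job&id='.$_html['id'].'">辞职</a>';
                    }else{
                        $_html['job_html'] = '无权操作';
                    }
            ?>
            <tr>
                <td><?php echo $_html['id']?></td>
                <td><?php echo $_html['username']?></td>
                <td><?php echo $_html['email']?></td>
                <td><?php echo date('Y-m-d H:i:s',$_html['reg_time'])?></td>
                <td><?php echo $_html['job_html']?></td>
            </tr>
            <?php }
            ?>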
        </table>
        <form method="post" action="?action=add">
            <input type="text" name="manage" class="text" /> <input type="submit" value="添加管理员" />
        </form>

        <?php _paging(2);?>
    </div>
</div>
    <?php require ROOT_PATH."includes/footer.inc.php"; ?>
</body>
</html>